CN109196841B - Method and apparatus for issuing assertions in distributed databases of a mobile telecommunications network and for personalizing internet of things devices - Google Patents

Method and apparatus for issuing assertions in distributed databases of a mobile telecommunications network and for personalizing internet of things devices Download PDF

Info

Publication number
CN109196841B
CN109196841B CN201780034331.9A CN201780034331A CN109196841B CN 109196841 B CN109196841 B CN 109196841B CN 201780034331 A CN201780034331 A CN 201780034331A CN 109196841 B CN109196841 B CN 109196841B
Authority
CN
China
Prior art keywords
mobile network
network operator
assertion
subscription
mobile
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201780034331.9A
Other languages
Chinese (zh)
Other versions
CN109196841A (en
Inventor
L.T.范
I.马哈拉尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales Digital Security France Easy Stock Co
Thales DIS Design Services SAS
Original Assignee
Gemalto SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemalto SA filed Critical Gemalto SA
Publication of CN109196841A publication Critical patent/CN109196841A/en
Application granted granted Critical
Publication of CN109196841B publication Critical patent/CN109196841B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L63/064Hierarchical key distribution, e.g. by multi-tier trusted parties
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • H04W12/48Security arrangements using identity modules using secure binding, e.g. securely binding identity modules to devices, services or applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a method for granting, for a mobile device not pre-provisioned with a subscription to access a wireless network, the establishment of an initial wireless communication over a second wireless network (Se-PLMN) operated by a second wireless network operator (Se-MNO), said mobile device belonging to a user, comprising the steps of: receiving (801) an identifier of a mobile device over a second wireless network (Se-PLMN); in an immutable distributed database hosted by a first wireless network operator (Fi-MNO) and a second mobile network operator (Se-MNO) in which data is copied across multiple computing nodes of the network, verifying (802) whether an issued assertion that includes the identifier of a mobile device at least indicates that a user owns a first subscription to the first mobile network operator (Fi-MNO) that allows the first operator (Fi-MANO) to be charged by the second mobile network operator (Se-MNO) for establishing wireless communications over a second wireless network; in the case of positive verification, wireless communication is permitted to be established over a second wireless network (Se-PLMN) (804) such that the mobile device is provisioned with a second subscription of a third wireless network operator (Th-MNO).

Description

Method and apparatus for issuing assertions in distributed databases of a mobile telecommunications network and for personalizing internet of things devices
Technical Field
The present invention relates to methods and apparatus for issuing assertions in distributed databases of mobile telecommunications networks, and more particularly to the technical field of distributed databases and internet of things (IoT).
Background
IoT devices that do not have a subscription to a mobile operator to access a 3GPP network are considered for fifth generation wireless systems, commonly referred to as 5G. Up to now, devices without subscription can only access 3GPP networks for limited emergency services.
In a 5G network, it is expected that some IoT devices will not have an initial subscription to any operator. Such a device would still be able to access the 3GPP network and use 3GPP resources, in order to get a 3GPP subscription first. The device will then use the downloaded subscription to access the network as it does today.
A first problem for mobile operators is that from a regulatory point of view, the operator needs to be able to associate a device with a subscriber before allowing access to the device to access its network.
A second problem is that from an operational point of view, the mobile operator needs to be able to charge someone for this first connection.
Today, solutions developed by the global system for mobile communications association (GSMA) that rely on bootstrap (bootstrap) subscriptions exist. Such a solution has several drawbacks as it would require the manufacturer to pre-personalize (personalize) its devices with such a bootstrap subscription, thereby increasing cost overhead.
Another problem with such bootstrap subscriptions is that, contrary to automotive manufacturers, IoT device manufacturers may produce hundreds of thousands of devices that may never be actually activated, so that cost overhead may never be offset.
Using a device certificate (and a public/private key pair) stored in the device may be one solution. However, such systems require an expensive public key infrastructure (certificate authority, certificate revocation list). Such a cost structure is not suitable for such an IoT market. It will also require a root of trust (root certificate) on a per country basis, which is incompatible with the global market for telecommunications.
Using a pre-shared key within a device would require the device manufacturer or another entity to store such a pre-shared key. Such entities would need to be accessible and trusted by the operator. This case is equivalent to the initial subscription case with an associated cost overhead.
Disclosure of Invention
The invention relates to a method for granting permission to establish an initial wireless communication over a second wireless network operated by a second wireless network operator for a mobile device not pre-provisioned with a subscription to access the wireless network, said mobile device belonging to a user, the method comprising the steps of:
-receiving an identifier of the mobile device over the second wireless network;
-verifying, in an immutable distributed database hosted by at least a first wireless network operator and a second mobile network operator in which the same data copied across a plurality of computing nodes of the network is stored, whether an issued assertion comprising said identifier of the mobile device at least indicates that the user possesses a first subscription to the first mobile network operator, said subscription allowing said first operator (Fi-MANO) to be charged by the second mobile network operator (Se-MNO) for establishing wireless communication over the second wireless network;
-in case of positive verification, permitting establishment of wireless communication over the second wireless network such that the mobile device is pre-provisioned with a second subscription of the third wireless network operator.
According to an example, the method comprises the steps of: authenticating the first wireless network operator allows charging to be charged by the second mobile network operator for establishing wireless communications over the second wireless network.
According to an example, the second and third mobile network operators specify the same mobile network operator.
According to an example, a mobile device is associated with a secure element adapted to be provisioned with a subscription.
According to an example, an assertion issued by a manufacturer of the secure element in a distributed database provides an identifier of the secure element and an indicator of a security level provisioned by the secure element, the assertion allowing a second subscription to be proposed to a user that takes into account the security level.
According to an example, the method comprises the steps of: verifying that the mobile device belongs to the user is performed by checking whether there is an assertion in the distributed database that identifies the user as the owner of the mobile device.
A method according to an example according to any of the preceding claims, wherein the immutable distributed database comprises a plurality of computing nodes called stakeholders, a stakeholder registering with a trusted entity, asserting issuing an identifier requested by and including at least a claim entity.
According to an example, the method comprises the steps of: verifying a security level provided by a secure element embedded in a mobile device adapted to be provisioned with a second subscription by reading an assertion issued in an immutable distributed database, the assertion linking an identifier of the secure element and the security level.
According to an example, the immutable distributed database is a blockchain.
The invention also relates to a mobile device not pre-provisioned with a subscription to access a wireless network, configured to:
-sending an identifier of the mobile device to the second wireless network, enabling the second wireless network operator to verify in an immutable distributed database hosted by at least the first wireless network operator and the second mobile network operator, in which data replicated across a plurality of computing nodes of the network is stored, whether a publication assertion including said identifier of the mobile device at least indicates that the user possesses a first subscription to the first mobile network operator, said subscription allowing said first operator to be charged by the second mobile network operator for establishing wireless communication over the second wireless network, in case of positive verification, permitting establishment of wireless communication over the second wireless network;
-downloading the second subscription from the third wireless network operator.
According to an example, a mobile device includes a secure element configured to be provisioned with a second subscription.
According to an example, the secure element is associated with a security level issued in an assertion of the immutable distributed database.
The invention also relates to a server of a second mobile network adapted to grant permission to establish an initial wireless communication over a second wireless network operated by a second wireless network operator (Se-MNO) for a mobile device not pre-provisioned with a subscription to access the wireless network, the mobile device belonging to a user, the server being configured to:
-receiving an identifier of a mobile device;
-verifying whether a publication assertion comprising said identifier of the mobile device at least indicates that the user owns a first subscription to the first mobile network operator, said subscription allowing said first operator to be charged by the second mobile network operator for establishing wireless communication over the second wireless network, by consulting an immutable distributed database in which data, copied across a plurality of computing nodes of the network, hosted by at least the first wireless network operator and the second mobile network operator is stored;
-in case of positive verification, permitting establishment of wireless communication over the second wireless network such that the mobile device is pre-provisioned with a second subscription of the third wireless network operator.
Drawings
Additional features and advantages of the invention will be more clearly understood after reading the detailed description of a preferred embodiment of the invention, given as an indicative and non-limiting example, in conjunction with the following drawings:
figure 1 is a schematic representation of a wireless system comprising a distributed database for issuing assertions validated and verified by a plurality of correlators (stakelolders);
FIG. 2 illustrates an example of a process that may be performed for issuing an assertion in a distributed database;
FIG. 3 schematically shows how the process leading to the issuance of one or several assertions can be timely organized;
figure 4 illustrates a sequence of publication assertions that can be used to check to allow an IoT device to connect for the first time on a given wireless network without an initial subscription;
FIGS. 5A, 5B and 5C provide three examples of formats that may be used for issuing an assertion;
figure 6 provides an example of a sequence diagram representing a registration phase of a user who wants to activate a newly purchased IoT device;
figure 7 provides an example of a sequence diagram representing assertions of a newly purchased IoT device;
fig. 8 provides an example of a sequence diagram illustrating initial connection of an IoT device.
Detailed Description
FIG. 1 is a schematic representation of a wireless system including a distributed database for issuing assertions validated and verified by multiple correlators.
The system includes a plurality of stakeholders 110 and 114. The correlator is a computing node operated by an actor (actor) of the wireless system. In this specification, a computing node refers to a device that includes hardware and software components and executes programs to receive and transmit data over a communication network. Computers connected to a network are examples of computing nodes.
Various stakeholders may operate their own compute nodes.
In this example, two computing nodes 110, 111 are operated by first and second mobile network operators, respectively, one computing node 112 is operated by an IoT mobile network operator, and two computing nodes 113, 114 are operated by first and second IoT device manufacturers, respectively.
The system also includes other entities called declarative entities. A declarative entity is an entity that can request that one or several assertions be issued in a distributed database.
In this specification, a distributed database refers to a database that stores data across multiple compute nodes of a network.
In the example provided with fig. 1, four mobile devices 121 used by four subscribers of a first mobile network operator, four mobile devices 120 used by four subscribers of a second mobile network operator, and four IoT devices 122 used by four subscribers of an IoT mobile network operator are represented.
In this specification, an IoT device refers to a mobile device that includes a machine-to-machine communication module. Machine to machine (M2M) refers to the transmission of data from one terminal to another or the exchange of data between machines through GSM/GPRS, UMTS/HSDPA, CDMA/EVDO, LTE or other modules. Currently, M2M is generally applied in the fields of security monitoring, vending machines, public transportation systems, vehicle monitoring and management, industrial process automation, automotive machinery, city informatization, and the like. In this example, these devices are not stakeholders and only have the role of a declarative entity. However, a given actor of the system may also need to issue an assertion in the distributed database. In this case, a given compute node may be configured to be both a correlator and a clearinghouse. This is the case, for example, for two IoT device manufacturers 113, 114 that both can operate a computing node to be configured as such.
In the context of this particular example, the main functions of the different actors of the system are described hereafter.
The mobile network operator owns its subscribers or has access to the home operator (HPLMN) of the subscribers. It may be responsible for registering its subscribers on the distributed database. The MNO provides the mobile device with access to its network resources, such as its radio network, its subscription services and authentication functions. The MNO is also responsible for verifying credentials and authenticating the mobile device. It may also authenticate the services subscribed to by the user.
Further, its network is configured to provide access to a distributed database in order to validate transactions for a particular device or subscriber. As already emphasized, it may also be an actor to verify and issue signed assertions in a distributed database.
An IoT device manufacturer is an actor who manufactures IoT devices and generates and stores, as an example, public and private key pairs into the IoT devices. Such a key pair may be used in a distributed database.
IoT devices are examples of declarative entities. It may provide the purchaser with an identifier of the IoT device, such as a public key readable on the box of the purchased device. The device is also configured to attach/connect to an IoT mobile network.
For cryptographic operations or security information storage, an IoT device may be associated with a secure element, such as a UICC, eSE, or eUICC.
The secure element is for example a UICC (universal integrated circuit card). It may be in the format of a smart card, in the format of a packaged chip, or in any other format. It can be used, for example, in mobile terminals in GSM and UMTS networks. The UICC ensures network authentication, integrity and security of various personal data.
The UICC contains mainly SIM applications for GSM/GPRS networks and in USIM applications for UMTS networks it is the USIM application. For a network supporting Long Term Evolution (LTE), the UICC contains an ISIM application. The UICC may also contain several other applications, so that the same smart card can give access to UMTS and LTE networks and also allow storing phone books and other types of services.
The UICC can typically be removed from the mobile terminal or IoT device. After inserting his UICC in his new terminal, the user will still have access to his applications, contacts and credentials (network operator).
The secure element may also be of the eUICC type (embedded UICC). euiccs are UICCs that are either soldered or not fully linked to the device but are difficult to remove because they are not intended to be removed, located in a remote terminal, or deeply integrated in a machine. The special form factor of the UICC (e.g. very small and therefore not easy to handle) may also be the reason for actually considering it as integrated in the terminal. Techniques for implementing the functionality of the secure element by software may also be considered in the context of the present invention.
Subscribers of a mobile network operator have a valid subscription to the Mobile Network Operator (MNO). The subscriber may also have its own public/private key pair, which may be used in the system, e.g. via its mobile network operator. The subscriber is a subscriber who can activate the IoT device he purchases.
To perform the encryption process that results in activation of a given IoT device, a subscriber may be associated with a mobile device (e.g., a smartphone) or an application in a secure element.
The distributed database may integrate all valid assertions signed and verified by the system's relatives. These can be accessed by the system's relatives, where each can read a given assertion issued in the system and authenticate the claiming entity that needs it to issue.
FIG. 2 illustrates an example of a process that may be performed for issuing an assertion in a distributed database.
At a given period of processing time, the first correlator 205 collects four assertion requests 204 from the four declarative entities 200-203. An assertion request is a message that includes at least a portion of the information to be published on the distributed database by the correlator.
According to one embodiment of the invention, a key pair comprising a public key and a private key is associated with each claiming entity. This type of key pair is referred to as a declarative entity key pair or a DE key pair. In addition, the DE public key or the result of a one-way function or hash function (e.g., SHA-256) applied to the DE public key may be used as an identifier of the claimed entity. The assertion entity may sign the assertion request using a private key of the DE key pair.
As an example, the assertion request includes an identifier of the claiming entity, such as a public key to the DE. It may also include a tag indicating the subject of the assertion. The tag is a sequence of numbers that can be later interpreted by the correlator.
The first correlator can then use its DE public key to authenticate the claiming entity that has signed the assertion request and generate assertion block 206.
Assertion block 206 includes all assertions requested and asserted by first correlator 205 during a given processing period. It may be constructed by signing each received assertion with the private key of the FS key pair or alternatively by signing the entire block also with the private key of the FS key pair.
First correlator 205 then sends the signed assertion block to second correlator 233, e.g., a designated correlator for validation and issuance for all assertions in the current processing round).
During a given processing period, the second correlator 233 can receive none, one, or several of the assertion blocks 230 and 232 issued by one or several of the correlators 220 and 222. The second correlator would then aggregate the received predicate blocks and sign the result of the aggregation to provide aggregated predicate block 240.
The aggregated assertion block 240 may then be issued 260 in the distributed database.
According to one embodiment, the signature 250 is generated from a key pair attributed to the second correlator. The key pair is referred to as a second correlator (SeS) key pair and includes a SeS private key and a SeS public key. In the preferred embodiment, the signature algorithm used takes as input the predicate blocks 230, 231, 232 received during the current processing period and the signature 234 generated for the last aggregated predicate block issued in the distributed database. The advantage of this process is to allow detection of unauthorized insertion or deletion of previously signed aggregated predicate blocks in the distributed database by any stakeholder. Adding an aggregate predicate block to a database can only be performed at the end of the database. These properties make this distributed database, which includes an ever-growing list of assertions or records, often referred to as immutable. An example of an immutable distributed database is a blockchain.
According to embodiments of the invention, verification is handled, in whole or in part, by the stakeholders of the distributed database prior to issuing the signed aggregate predicate block.
Once the signed aggregated-predicate block is issued, any stakeholder may access the issued predicate, verify the signature of the aggregated-predicate block, and verify that the given predicate was issued by the identified declarative entity.
The skilled person will appreciate that a given correlator as a whole may implement the functionality of both the "first" and "second" correlators described above.
It should be noted that unlike peer-to-peer databases, such as blockchains as applied to bitcoins, only system relatives have access to the issued assertions. For this purpose the relevant person needs to be registered with a trusted third party. The trusted party may be implemented by a computing node that is itself the correlator. As an example, the trusted third party TTP1 is the first registered stakeholder of the system. When a new actor wants to join the regime, it first has to register with one of the relatives, e.g., with TTP 1. The TTP1 then verifies the credentials and capabilities of the new actor, as an example. If the verification is successful, the TTP1 may provide the assertion to the correlator, which generates a signed aggregate assertion block that shows the NA registered by the TTP 1. Once the new actor registration assertion is published to the distributed database, the new actor is registered and becomes a new stakeholder of the framework. The new stakeholder may then register the new actor and generate the assertion block and the aggregate assertion block for publication to the distributed database.
A key pair comprising a public key and a private key is assigned to each registered stakeholder. This corresponds to the FS and SeS key pairs assigned to the first and second correlators, respectively, which are mentioned for explanation purposes using fig. 2.
A given correlator knows the public keys of all registered correlators. Thus, they are able to verify at any time that a given aggregate predicate block or a given predicate block has been properly signed by an authorized (i.e., registered) correlator.
FIG. 3 schematically shows how the process of causing the issuance of one or several assertions can be timely organized.
In this example, the processing cycle includes four processing periods T1, T2, T3, and T4 of specified duration, which may depend on system attributes such as the number of correlators or the number of assertions to be processed, the load of the system.
During a first processing period, an assertion is received by a first correlator. An assertion block 300 is generated and signed that includes one or several assertions.
During the second processing period, the signed predicate block is sent 301 by the first correlator to the second correlator. The second correlator may be selected based on a predetermined schedule, a given correlator being designated for each processing period as the correlator that will generate the aggregate predicate block. Alternatively, the second correlator may be selected randomly.
During a third processing period, the second correlator generates and signs 302 the aggregate predicate block.
During a fourth processing period, all stakeholders of the system verify the validity of the signed aggregate predicate block, and in the event of a positive verification, publish 302 the block in the distributed database.
A sequence of processing periods is provided for exemplary purposes. The skilled person will appreciate that the sequence of processing periods may be processed differently. For example, processes 300 and 301 may be processed in a first processing period, and processes 302 and 303 may be processed in a second processing period.
Fig. 4 illustrates a sequence of publication assertions that may be used to check for a first connection of an IoT device on a given wireless network that is allowed without an initial subscription.
The following examples are described with examples of IoT devices that are not provisioned with an initial subscription. However, the skilled person will appreciate that the invention is applicable to other types of mobile devices, such as smart phones or tablet computers. This example is a use case in which an assertion issuance mechanism on a distributed database may be advantageously used.
IoT devices without a preloaded subscription typically need to initially connect to a given wireless network in order to download the subscription and then normally access the wireless network, which may be the same or different from the wireless network used for the initial connection.
The wireless network to be used for the initial connection needs to ensure that it will be able to charge for the resources available to the IoT device. To this end, the wireless network may read one or several assertions issued on the distributed database and which are linked directly or indirectly to the IoT device.
In this example, five assertions 410, 420, 430, 440, 450 are directly or indirectly related to an IoT device. These assertions are issued following the request of different assertion entities in five aggregated assertion blocks 411, 421, 431, 441, 451 associated with five signatures 412, 422, 432, 442, 452, respectively. As a reminder, the publication assertion is accessible by all registered stakeholders of the system.
The first release assertion 410 relates to a secure element that will store future subscriptions to be downloaded later. The assertion may be provided by the manufacturer of the secure element and include an identifier of the secure element as well as other information, such as a level of security that is guaranteed when it is used. In this case, the claiming entity is a computing node operated by the manufacturer of the secure element.
The secure element may be provided to an Original Equipment Manufacturer (OEM) that will integrate it into the IoT device. The OEM then requests issuance of an assertion 420 stating that the IoT device has been manufactured with the secure element. To this end, the assertion may be made by an identifier of the secure element associated with the identifier of the IoT device. Thus, the assertion creates a link between the IoT device and its secure element. In this case, the declarative entity is a compute node operated by the OEM.
The third issued assertion 430 is requested, for example, by a first wireless network, referred to herein as a first public land mobile network (Fi-PLMN) operated by a first mobile network operator (Fi-MNO) and for which the user has a valid subscription that allows him to connect at least one device (e.g., a smartphone) to the network. The assertion comprises, for example, an identifier of the Fi-PLMN and an identifier of the user. Thus, any registered stakeholder may check whether a given user associated with a given identifier has a valid subscription for accessing the wireless network. In this case, the claiming entity is a computing node operated by the mobile network operator of the Fi-PLMN.
The fourth publication assertion 440 is requested, for example, by a purchaser of the IoT device, hereinafter referred to as a "user". The user requests issuance of an assertion by a mobile device, such as a smartphone, that is different from the purchased IoT device and that is associated with the user's subscription to a Mobile Network Operator (MNO). The user may download an applet, for example, on his smart phone to request that the assertion be issued. The assertion 440 may then be made from the identifier of the subscriber associated with the identifier of the purchased device. The publication assertion creates a link between the user and the IoT device. Thus, the stakeholder reading the publication assertion 440 can check that the IoT device belongs to a user who regularly buys the device. In this case, the declarative entity is the device on which the user is identified as a regular subscriber.
When an IoT device initially attempts to connect to a wireless network, referred to herein as a second public land mobile network (Se-PLMN) and not necessarily the same as the Fi-PLMN, it may be advantageous to check whether the Se-PLMN is able to charge the user for using his network. To this end, a computing node owned by the Se-PLMN and registered as a correlator of the distributed database may check that the IoT device is associated with a given user by reading and authenticating the assertion 440, and then check whether that user is associated with a valid subscription that will allow charging of that initial connection. If so, the initial connection is permitted and the user may be offered to download the subscription profile. The subscription profile may be associated with a Fi-PLMN, a Se-PLMN, or any other wireless network referred to as a third public land mobile network (Th-PLMN). The user may have to select between several different subscriptions associated with different wireless networks. Further, the security level provided by the IoT device may be considered to suggest different subscription options to the user. According to one aspect of the invention, the security level may be traced by reading and authenticating the assertion 420, and then going to the assertion 410 which may embed an indicator of the security level provided by the secure element integrated into the IoT device.
The different subscription options may for example be displayed on the user's smartphone and one of them may be selected by interacting with the touch screen.
When a user (that is, the owner of the IoT device) selects a given subscription profile associated with the Th-PLMN, the assertion 450 may be issued in the distributed database. The release is requested, for example, by a computing node operated by a mobile network operator of the Th-PLMN. The assertion may include an identifier of the IoT device and an identifier of the Th-PLMN.
In this example, it appears that the contents of the assertion typically contain one or several identifiers of the entities of the distributed database. The identifier refers to, for example, a registration-related entity, a declarative entity, or an entity having both of these characteristics.
According to one aspect of the invention, when an assertion contains more than one identifier, it indicates a link between the identified entities, e.g., a link between a user and an MNO (or wireless network), a link between an IoT device and a secure element, etc.
According to a preferred embodiment of the invention, the public key of a key pair comprising a public key and a private key, or a quantity derived from the public key of the key pair, such as the result of a hash function (SHA-256) applied to the public key, may be used as the identifier.
Assertions can also contain the subject of the assertion. For example, a tag embodied by a sequence of bits may refer to a particular type of assertion. Alternatively, it may be embodied by a Universal Resource Identifier (URI).
Other data may also be provided in the assertion, such as the level of security provided by a given secure element.
5A, 5B, and 5C provide three examples of formats that may be used to issue an assertion.
In fig. 5A, the assertion contains a tag 501 indicating that the purpose of the assertion is to link the IoT device with the identified buyer, and corresponding identifiers 502, 503 are provided with the assertion.
In fig. 5B, the assertion contains a tag 510 indicating that the assertion is intended to claim that the secure element is now available for association with a device (e.g., an IoT device). Thus, an identifier 511 of the secure element is provided. In addition, the asserted field 512 provides an indicator of the security level provisioned by the identified secure element.
In fig. 5C, an example of an assertion is provided for the purpose of linking a wireless network with a user. The first field 520 provides an identifier of the wireless network Fi-PLMN for which the given user has a subscription. The second field 521 provides an identifier of the user. As already emphasized, this identifier may be a public key of a key pair attributed to the user during the registration phase. This is particularly useful in order to avoid the issuance of identifiers such as International Mobile Subscriber Identifiers (IMSIs) which mobile network operators prefer to keep secret. The third field 522 then provides an indication to any registration-related person that the user's subscription allows another wireless network to charge the Fi-PLMN for the initial subscription of the IoT device.
Those skilled in the art will appreciate that these examples of assertion formats are provided for illustrative purposes only, and that other structures, combinations, and contexts are also contemplated in the context of the present invention.
Fig. 6 provides an example of a sequence diagram representing a registration phase of a user wishing to activate a newly purchased IoT device.
According to this example, the user has a valid subscription to the mobile network operator. Using their smart phone and the subscription, the user can download 600 an application for managing their IoT devices. The process may also include an authentication step (not shown). Once the application is downloaded and the user authenticated, the user's key pair is generated 601 in such a way that the user's key pair is unique to the user. According to one embodiment, the user's key pair is generated by the user's device (e.g., a smartphone). Alternatively, the user's key pair may be generated by the network. In this case, a secure communication channel is required to preset the key pair for the subscriber's device. An assertion request 602 is then sent by the user through their smartphone towards the MNO to assert that the user is a valid subscriber for that MNO. The assertion request includes, for example, an identifier of the user. This identifier corresponds for example to the public key of the user's key pair.
Once the mobile network operator receives the assertion request 602, the assertion itself may be generated 603. In this example, the assertion includes a label indicating that the subject of the assertion is to declare the identified user as a subscriber to the MNO, an identifier of the user, and an identifier of the MNO. As shown in FIG. 2, the assertion may then be added to the signed assertion block by the first correlator and then sent to a second correlator that will aggregate several assertion blocks and sign the aggregate to generate a signed aggregated assertion block. This process will result in the issuance 604 of an assertion in the distributed database. A confirmation message 605 may then be sent to the user's smartphone indicating that the registration process has been completed correctly.
Fig. 7 provides an example of a sequence diagram representing assertions of a newly purchased IoT device.
The IoT devices are provided by OEMs. For this purpose, during the manufacturing phase, the OEM generates 700 a key pair that will home and preset 701 in the IoT device. According to an alternative embodiment, the key pair attributed to the IoT device may be obtained by the OEM from a trusted third party.
When a user registers as a subscriber of a given MNO (see, e.g., fig. 6), he can activate his newly acquired IoT device. To this end, an assertion request 703 is sent to the MNO. The assertion request includes, for example, a tag indicating that the subject of the assertion is to declare the purchase of the IoT device by the identified user, an identifier of the IoT device (the public key of the IoT device), and an identifier of the MNO. An assertion corresponding to the request can then be issued 704 on the distributed database.
According to one aspect of the invention, the identifier of the MNO is a public key belonging to a public/private key pair, which is attributed to a computing node operating as a correlator of a distributed database.
According to the present invention, a correlator is an entity that participates in the issuance of assertions in a distributed database. A key aspect of the invention is that the stakeholder registers with a trusted third party. During the registration process, a public/private key pair may be attributed to the correlator, and the public key of the key pair may be used as the identifier of the correlator.
Fig. 8 provides an example of a sequence diagram illustrating initial connection of an IoT device.
According to this example, the purchaser of the IoT device is registered as a subscriber to the MNO who accepts the initial connection to the registered IoT device to be charged. The newly acquired IoT device has been declared and a corresponding assertion is issued on the distributed database.
When a user switches on his newly acquired IoT device, it attempts to connect 800 to one of its detected wireless networks, e.g., a 3GPP network. The IoT device sends 801 its identifier (e.g., the public key of a preset key pair attributed to the device) to the network. Then, the verification process 802 begins. A stakeholder operated by the mobile network operator then verifies that the IoT device belongs to the user associated with the subscription that allows charging for the initial connection. To this end, the correlator reads the assertion that was issued on the database. Referring to the example of fig. 4, it will first read the assertion 440 linking the IoT device to its identified owner, and then it will be able to jump to the assertion 430 and get information about the subscription with which the owner is associated.
Once this verification is complete, the device may be authenticated 803 by generating a digital signature using, for example, the private key of the key pair attributed to the IoT device. The stakeholder of the mobile network operator will then be able to verify the signature using the public key of the IoT device key pair. If the authentication phase is successful, the IoT device is authorized to access the wireless network 804 in order to download the subscription for the IoT device.
The MNO operating the Fi-PLMN will then be able to charge the MNO operating the Se-PLMN for the initial connection.
A loaded subscription generally refers to a set of data that allows a mobile device to connect to a wireless network. The data set is sometimes referred to as a subscription profile and may contain an identifier of the subscriber for an International Mobile Subscription Identity (IMSI) and one or several security keys required for authentication and/or encryption.

Claims (10)

1. A method for granting permission to establish an initial wireless communication over a second mobile network operated by a second mobile network operator for a mobile device not provisioned with a subscription to access a wireless network, the mobile device being associated with a secure element adapted to be provisioned with a mobile network subscription, the mobile device belonging to a user, the method comprising the steps of:
-receiving an identifier of the mobile device over the second mobile network;
-verifying, in an immutable distributed database hosted by at least a first mobile network operator and a second mobile network operator in which identical data copied across a plurality of computing nodes of the network is stored, whether a publication assertion of said identifier comprising the mobile device at least indicates that the user possesses a first subscription to the first mobile network operator, said first subscription allowing said first mobile network operator to be charged by the second mobile network operator for establishing wireless communication over the second mobile network;
-in case of positive verification, permitting establishment of wireless communication over the second mobile network such that the mobile device is pre-provisioned with a second subscription of a third mobile network operator; and
-issuing an assertion in the immutable distributed database, the assertion providing an identifier of the secure element and an indicator of a security level provisioned by the secure element.
2. The method of claim 1, further comprising the steps of: verifying the first mobile network operator allows charging by the second mobile network operator for establishing wireless communication over the second mobile network.
3. The method of claim 1, wherein the second mobile network operator and the third mobile network operator specify the same mobile network operator.
4. The method of claim 1, wherein an assertion issued in an immutable distributed database that provides an identifier of a secure element and an indicator of a security level provisioned by the secure element is issued by a manufacturer of the secure element, the assertion allowing a second subscription to be proposed to a user that considers the security level.
5. The method of claim 1, further comprising the steps of: verifying that the mobile device belongs to the user is performed by checking whether there is an assertion in the immutable distributed database that identifies the user as the owner of the mobile device.
6. The method of claim 1, wherein the immutable distributed database includes a plurality of computing nodes referred to as correlators, the correlators registering with a trusted entity, asserting issues requested by and including at least an identifier of a claimed entity.
7. The method of claim 1, comprising the steps of: the security level provided by the secure element embedded in the mobile device adapted to be provisioned with the second subscription is verified by reading an assertion issued in the immutable distributed database providing an identifier of the secure element and an indicator of the security level provisioned by the secure element, the assertion linking the identifier of the secure element and the security level.
8. The method of claim 1, wherein the immutable distributed database is a blockchain.
9. A mobile device that is not pre-provisioned with a subscription to access a mobile network, comprising:
a security element;
the mobile device is configured to:
-sending an identifier of the mobile device to the second mobile network, enabling the second mobile network operator to verify in an immutable distributed database hosted by the first mobile network operator and the second mobile network operator, in which data is copied across a plurality of computing nodes of the network, whether a publication assertion of said identifier comprising the mobile device at least indicates that the user possesses a first subscription to the first mobile network operator, said first subscription allowing said first mobile network operator to be charged by the second mobile network operator for establishing wireless communication over the second mobile network, in case of positive verification, permitting establishment of wireless communication over the second mobile network;
-downloading a second subscription from a third mobile network operator into the secure element, wherein the secure element is associated with a security level issued in an assertion of an immutable distributed database.
10. A server of a second mobile network adapted to permit establishment of an initial wireless communication over the second mobile network operated by a second mobile network operator for a mobile device not pre-provisioned with a subscription to access the wireless network, the mobile device belonging to a user, the server configured to:
-receiving an identifier of a mobile device;
-verifying whether a publication assertion including said identifier of the mobile device at least indicates that the user owns a first subscription to the first mobile network operator, said first subscription allowing said first mobile network operator to be charged by the second mobile network operator for establishing wireless communication over the second mobile network, by consulting an immutable distributed database hosted by the first mobile network operator and the second mobile network operator in which data is replicated across a plurality of computing nodes of the network;
-in case of positive verification, permitting establishment of wireless communication over the second mobile network such that the mobile device is pre-provisioned with a second subscription from a third mobile network operator; and
-issuing an assertion in an immutable distributed database, the assertion providing an identifier of a secure element associated with the mobile device and an indicator of a security level provisioned by the secure element.
CN201780034331.9A 2016-06-03 2017-05-22 Method and apparatus for issuing assertions in distributed databases of a mobile telecommunications network and for personalizing internet of things devices Active CN109196841B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP16305645.0A EP3253020A1 (en) 2016-06-03 2016-06-03 A method and an apparatus for publishing assertions in a distributed database of a mobile telecommunication network
EP16305645.0 2016-06-03
PCT/EP2017/062232 WO2017207314A1 (en) 2016-06-03 2017-05-22 A method and an apparatus for publishing assertions in a distributed database of a mobile telecommunication network and for personalising internet of things devices

Publications (2)

Publication Number Publication Date
CN109196841A CN109196841A (en) 2019-01-11
CN109196841B true CN109196841B (en) 2021-06-04

Family

ID=56148326

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780034331.9A Active CN109196841B (en) 2016-06-03 2017-05-22 Method and apparatus for issuing assertions in distributed databases of a mobile telecommunications network and for personalizing internet of things devices

Country Status (6)

Country Link
US (1) US11012860B2 (en)
EP (2) EP3253020A1 (en)
JP (1) JP6837082B2 (en)
KR (1) KR102093574B1 (en)
CN (1) CN109196841B (en)
WO (1) WO2017207314A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3528468B1 (en) * 2018-02-20 2021-04-07 Nokia Technologies Oy Profile information sharing
CN110392014B (en) * 2018-04-17 2022-08-05 阿里巴巴集团控股有限公司 Communication method and device between Internet of things devices
US11451964B2 (en) * 2018-04-25 2022-09-20 Telefonaktiebolaget Lm Ericsson (Publ) Administration of subscription identifiers in a wireless communication network
CN110475249B (en) * 2018-05-10 2021-08-20 华为技术有限公司 Authentication method, related equipment and system
US10693716B2 (en) 2018-05-29 2020-06-23 At&T Mobility Ii Llc Blockchain based device management
US10972279B2 (en) * 2018-06-07 2021-04-06 International Business Machines Corporation Efficient validation for blockchain
CN109002732B (en) * 2018-07-17 2022-04-26 深圳前海微众银行股份有限公司 Data evidence storage method, equipment and system and data evidence obtaining method
US11165827B2 (en) 2018-10-30 2021-11-02 International Business Machines Corporation Suspending communication to/from non-compliant servers through a firewall
KR102177794B1 (en) * 2018-12-26 2020-11-12 서강대학교 산학협력단 Distributed device authentication protocol in internet of things blockchain environment
EP3935785A4 (en) * 2019-03-07 2022-03-02 Telefonaktiebolaget LM Ericsson (publ) Blockchain for communication of subscriber data records between public land mobile networks
WO2023200270A1 (en) * 2022-04-13 2023-10-19 Samsung Electronics Co., Ltd. Personal internet of things network management method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101039311A (en) * 2006-03-16 2007-09-19 华为技术有限公司 Identification web page service network system and its authentication method
CN101816201A (en) * 2007-10-05 2010-08-25 Iti苏格兰有限公司 distributed protocol for authorisation
WO2014000157A1 (en) * 2012-06-26 2014-01-03 Nokia Siemens Networks Oy Mtc device provisioning
EP2894890A1 (en) * 2014-01-09 2015-07-15 Koninklijke KPN N.V. Conditional access to a wireless network

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI625046B (en) * 2012-03-21 2018-05-21 內數位專利控股公司 Method and apparatus for mobile station sponsoring in a wireless network
CN104685935B (en) * 2012-09-27 2019-01-15 交互数字专利控股公司 Virtualize end-to-end framework, API framework, discovery and the access in network
EP2923478B1 (en) * 2012-11-21 2019-08-14 Apple Inc. Policy-based techniques for managing access control
WO2015056008A1 (en) * 2013-10-17 2015-04-23 Arm Ip Limited Method for assigning an agent device from a first device registry to a second device registry
US9858569B2 (en) * 2014-03-21 2018-01-02 Ramanan Navaratnam Systems and methods in support of authentication of an item
ES2552675B1 (en) * 2014-05-29 2016-10-10 Tecteco Security Systems, S.L. Routing method with security and frame-level authentication
US20160098723A1 (en) * 2014-10-01 2016-04-07 The Filing Cabinet, LLC System and method for block-chain verification of goods

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101039311A (en) * 2006-03-16 2007-09-19 华为技术有限公司 Identification web page service network system and its authentication method
CN101816201A (en) * 2007-10-05 2010-08-25 Iti苏格兰有限公司 distributed protocol for authorisation
WO2014000157A1 (en) * 2012-06-26 2014-01-03 Nokia Siemens Networks Oy Mtc device provisioning
EP2894890A1 (en) * 2014-01-09 2015-07-15 Koninklijke KPN N.V. Conditional access to a wireless network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
dHSS - Distributed Peer-to-Peer implementation of the LTE HSS based on the Bitcoin/Namecoin architecture;Roger Piqueras Jover等;《2016 IEEE International Conference on Communication Workshop(ICC)》;20160527;第1、3页 *

Also Published As

Publication number Publication date
EP3466020B8 (en) 2022-02-16
KR20190002598A (en) 2019-01-08
KR102093574B1 (en) 2020-04-24
EP3466020A1 (en) 2019-04-10
US20190124512A1 (en) 2019-04-25
EP3253020A1 (en) 2017-12-06
CN109196841A (en) 2019-01-11
JP6837082B2 (en) 2021-03-03
EP3466020B1 (en) 2021-12-22
US11012860B2 (en) 2021-05-18
WO2017207314A1 (en) 2017-12-07
JP2019520752A (en) 2019-07-18

Similar Documents

Publication Publication Date Title
CN109196841B (en) Method and apparatus for issuing assertions in distributed databases of a mobile telecommunications network and for personalizing internet of things devices
JP6652767B2 (en) Methods for managing the status of connected devices
US20180091978A1 (en) Universal Integrated Circuit Card Having A Virtual Subscriber Identity Module Functionality
US9706407B2 (en) Method for configuring profile of subscriber authenticating module embedded and installed in terminal device, and apparatus using same
KR102325912B1 (en) Holistic module authentication with a device
EP2708069B1 (en) Sim lock for multi-sim environment
US20210144551A1 (en) Method and apparatus for discussing digital certificate by esim terminal and server
EP3824594B1 (en) Apparatus and method for ssp device and server to negotiate digital certificates
CN113273155B (en) Method and apparatus for managing binding of intelligent security platform
CN103959857A (en) Managing mobile device applications in a wireless network
WO2019056971A1 (en) Authentication method and device
KR20130064217A (en) Control module system and method for m2m services
KR20200101257A (en) Method and apparatus for device change in mobile communication system
CN115130075A (en) Digital signature method and device, electronic equipment and storage medium
US10820200B2 (en) Framework for securing device activations
US10820191B2 (en) Network communications for connected devices
US11178534B2 (en) Management of a subscriber entity
EP3863313A1 (en) Method and server for pushing data to mno
CN112567772B (en) Method, apparatus and system for authorizing remote profile management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: French Meudon

Patentee after: Thales Digital Security France

Address before: French Meudon

Patentee before: GEMALTO S.A.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230407

Address after: French Meudon

Patentee after: Thales Digital Security France Easy Stock Co.

Address before: French Meudon

Patentee before: Thales Digital Security France